<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Using FreeRadius to override VLAN Assignment</TITLE>
<META content="text/html; charset=us-ascii" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.19170"></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=308073318-04012012><FONT size=2
face=Arial>Here is my radiusd -X it looks to me like the Access-Accept is not
returning the vlan with it.</FONT></SPAN></DIV><SPAN
class=308073318-04012012><FONT color=#0000ff size=2 face=Arial>
<DIV dir=ltr align=left><BR># Executing section post-auth from file
/usr/local/etc/raddb/sites-enabled/inner-tunnel<BR>} # server
inner-tunnel<BR>[peap] Got tunneled reply code
2<BR> Tunnel-Type:0 =
VLAN<BR> Tunnel-Medium-Type:0 =
IEEE-802<BR> Tunnel-Private-Group-Id:0
= "16" </DIV>
<DIV dir=ltr align=left>
MS-MPPE-Encryption-Policy =
0x00000001<BR>
MS-MPPE-Encryption-Types =
0x00000006<BR> MS-MPPE-Send-Key =
0xa15daac8db91138c9543ff1dd79193d8<BR>
MS-MPPE-Recv-Key =
0x5b23ada7251bf55e939f78211bc91ee9<BR>
EAP-Message = 0x030a0004<BR>
Message-Authenticator =
0x00000000000000000000000000000000<BR>
User-Name = "jmcsparin"<BR>[peap] Got tunneled reply RADIUS code
2<BR> Tunnel-Type:0 =
VLAN<BR> Tunnel-Medium-Type:0 =
IEEE-802<BR> Tunnel-Private-Group-Id:0
= "16"<BR> MS-MPPE-Encryption-Policy =
0x00000001<BR>
MS-MPPE-Encryption-Types =
0x00000006<BR> MS-MPPE-Send-Key =
0xa15daac8db91138c9543ff1dd79193d8<BR>
MS-MPPE-Recv-Key =
0x5b23ada7251bf55e939f78211bc91ee9<BR>
EAP-Message = 0x030a0004<BR>
Message-Authenticator =
0x00000000000000000000000000000000<BR>
User-Name = "jmcsparin"<BR>[peap] Tunneled authentication was
successful.<BR>[peap] SUCCESS<BR>++[eap] returns handled<BR>Sending
Access-Challenge of id 199 to 10.1.1.50 port
35858<BR> EAP-Message =
0x010b002b19001703010020c4f38e69d73c88a387eba5b0923e812f7d609d6c9d329f90acd78fc19eb2381f<BR>
Message-Authenticator =
0x00000000000000000000000000000000<BR>
State = 0x11074b60180c524471e7db294b4fecfb<BR>Sending Access-Accept of id 200 to
10.1.1.50 port 35858<BR>
MS-MPPE-Recv-Key =
0x3d7918ad48100976d9f4db012a50f82b6dba74d3777f6bdca2648b0db3eb9650<BR>
MS-MPPE-Send-Key =
0xd4fcd3d81bc0e75431a4baa52fff9b7dce70f1cf1025fe2aac060f30f45b35bb<BR>
EAP-Message = 0x030b0004<BR>
Message-Authenticator =
0x00000000000000000000000000000000<BR>
User-Name = "jmcsparin"<BR>Finished request 49.<BR></DIV></FONT></SPAN>
<DIV> </DIV><!-- Converted from text/rtf format -->
<P><SPAN lang=en-us><FONT size=2 face=Calibri>Joseph R. McSparin<BR>Network
Administrator<BR>Hill Country Memorial Hospital<BR>830 990 6638 phone<BR>830 990
6623 fax<BR>jmcsparin@hillcountrymemorial.org</FONT></SPAN> </P>
<DIV> </DIV><BR>
<DIV dir=ltr lang=en-us class=OutlookMessageHeader align=left>
<HR tabIndex=-1>
<FONT size=2 face=Tahoma><B>From:</B>
freeradius-users-bounces+jmcsparin=hillcountrymemorial.org@lists.freeradius.org
[mailto:freeradius-users-bounces+jmcsparin=hillcountrymemorial.org@lists.freeradius.org]
<B>On Behalf Of </B>Brian Julin<BR><B>Sent:</B> Wednesday, January 04, 2012
10:49 AM<BR><B>To:</B> FreeRadius users mailing list<BR><B>Subject:</B> RE:
Using FreeRadius to override VLAN Assignment<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=449274616-04012012><FONT color=#0000ff
size=2 face=Arial>The first order of business would be to freeradius in debug
mode, or launch an eapol_test client against it, and look to see
whether the attribute is being sent. If you do not know whether the
attribute is being sent, you cannot determine whether it is the AP or the
freeradius server that needs fixing.</FONT></SPAN></DIV><BR>
<DIV dir=ltr lang=en-us class=OutlookMessageHeader align=left>
<HR tabIndex=-1>
<FONT size=2 face=Tahoma><B>From:</B>
freeradius-users-bounces+bjulin=clarku.edu@lists.freeradius.org
[mailto:freeradius-users-bounces+bjulin=clarku.edu@lists.freeradius.org] <B>On
Behalf Of </B>McSparin, Joe<BR><B>Sent:</B> Wednesday, January 04, 2012 11:00
AM<BR><B>To:</B> FreeRadius users mailing list<BR><B>Subject:</B> Using
FreeRadius to override VLAN Assignment<BR></FONT><BR></DIV>
<DIV></DIV><!-- Converted from text/rtf format -->
<P><FONT size=2 face=Arial>I have put the following into my users files</FONT>
</P>
<P><FONT size=2 face=Arial>DEFAULT Auth-Type = "ntlm_auth"</FONT>
<BR><FONT size=2
face=Arial>
Tunnel-Type = "VLAN",</FONT> <BR><FONT size=2
face=Arial>
Tunnel-Medium-Type = "IEEE-802",</FONT> <BR><FONT size=2
face=Arial>
Tunnel-Private-Group-id = "1001"</FONT> </P>
<P><FONT size=2 face=Arial>I have told my access point to Allow RADIUS Override
on the VLAN Assignment however the VLAN is not getting overridden. Does
the Above entry into my users file not actually send back a vlan assignment and
if not is there somewhere else this is supposed to be done?</FONT></P>
<P><FONT size=2 face=Calibri>Joseph R. McSparin<BR>Network Administrator<BR>Hill
Country Memorial Hospital<BR>830 990 6638 phone<BR>830 990 6623
fax<BR>jmcsparin@hillcountrymemorial.org</FONT> </P><BR>
<HR>
<P class=MsoNormal><FONT size=2 face=Arial><SPAN
style="FONT-FAMILY: Arial; FONT-SIZE: 10pt"><FONT size=1><SPAN
style="FONT-FAMILY: tahoma,arial,helvetica,sans-serif">This email message and
any attachments are for the sole use of the intended recipient(s) and contain
confidential and/or privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended recipient,
please contact the sender by reply email and destroy all copies of the original
message and any attachments.</SPAN></FONT><O:P
/></SPAN></FONT></P></BODY></HTML>
<BR><HR>
<p class="MsoNormal"><font size="2" face="Arial"><span style="font-size: 10pt; font-family: Arial;"><font size="1"><span style="font-family: tahoma,arial,helvetica,sans-serif;">This email message and any
attachments are for the sole use of the intended recipient(s) and contain
confidential and/or privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended recipient,
please contact the sender by reply email and destroy all copies of the original
message and any attachments.</span></font><o:p /></span></font></p>